I always repost hashes because while it may be possible to crack a webpage and change the hash values, it becomes very difficult to hunt down and remove all forum posts and announcement posts everywhere on the web.

Also, hashes seem to index well in search engines. Always compare reposted hashes with the original posted hash values, and consider searching for those hash values on the web.

Edited to add: A single sha256 check is considered to be highly secure. The problem is that not every OS has sha256 available. in these cases checking both the MD5 and the SHA1 and verifying both are correct is also considered very secure. That's why it's a good idea to widely publish all three hashes plus file name and version number.

Last edited by pica on Sat May 04, 2013 12:30 am, edited 2 times in total.

This works not by "chainloading" the iso (which is impossible) but by extracting the kernel from the iso, either before hand or at boot time with grub2's "loopback" command. The kernel is then passed a parameter that tells it that it needs to look for its root not in /dev/cdrom, but by loop mounting an iso file. This parameter also tells the kernel (more precisely the initrd scripts) what path the iso can be found at.

So while UBCD scripts cannot find themselves in a iso thanks to a kernel parametre alike where SG2D would put the iso path it won't be possible.

More than this depending on the way that UBCD boots its images (memdisk boot I think should not be a problem but booting another distro which doesn't know how to look for herself) might be a problem.

If UBCD can boot itself given an iso path, even from syslinux or isolinux, we can adapt it to use it as a loopback.cfg file. It it can't some improvement needs to be done in UBCD scripts a such a sense.